CVE-2026-7338

Description

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

PUBLISHED Reserved 2026-04-28 | Published 2026-04-28 | Updated 2026-04-29 | Assigner Chrome

Problem types

Use after free

Product status

References

chromereleases.googleblog.com/...-update-for-desktop_28.html

issues.chromium.org/issues/502449857

cve.org (CVE-2026-7338)

nvd.nist.gov (CVE-2026-7338)

Download JSON